toctou

TL;DR: Examining some error messages received from the Starbucks News' CMS led to the discovery of the source code of a third-party plugin. This source code revealed that the plugin accepts a POST parameter 'group-id' unsanitized and put directly inside an SQL query, thus exposing the server to blind…